We assume the role of an external data protection officer for private controllers (companies) and federal bodies based on the applicable Swiss Federal Act on Data Protection (FADP), or as your external in-house counsel and contact for all data protection-related issues that arise in your organization.
External in-house counsel
In this role, we act as contact person for any data protection related issues in your organization and support you in complying with all applicable data protection laws. Your company and your employees benefit from a competent and experienced partner without having to build up internal know-how and specialist knowledge or using internal resources.
External Data Protection Officer for private controllers
According to art. 10 FADP, private controllers may appoint a data protection officer (DPO), but are not obliged to do so.
The DPO is the contact point for data subjects and for the Federal Data Protection and Information Commissioner (FDPIC). In particular, he or she has the following duties:
- to train and advise the company in matters of data protection;
- to participate in the enforcement of data protection regulations.
The appointment of a DPO brings certain advantages for companies, provided that the following requirements are fulfilled:
- The DPO performs his/her function towards the controller in a professionally independent manner and without being bound by instructions;
- The DPO does not perform any activities which are incompatible with his/her tasks as DPO;
- The DPO possesses the necessary professional knowledge;
- The controller publishes the contact details of the DPO and communicates them to the FDPIC.
External Data Protection Officer for federal bodies
According to art. 10 para. 4 FADP in conjunction with art. 25 Data Protection Ordinance, every federal body shall appoint a data protection officer. Federal body means federal authorities and services as well as persons who are entrusted with federal public tasks, such as pension funds.
The DPO:
- participates in applying the data protection regulations, in particular in that he or she:
- examines the processing of personal data and recommends corrective measures if a breach of the data protection regulations is established;
- advises the controller on preparing the data protection impact assessment and reviews its implementation.
- serves as a contact point for data subjects.
- trains and advises employees of the federal body on data protection matters.
The federal body also has certain obligations in relation to the DPO:
- It shall grant the DPO access to all information, documents, records of processing activities and personal data that he or she requires to fulfil his or her tasks.
- It shall ensure that the DPO is notified of any breach of data security.
The federal body shall further publish the contact details of the DPO online and notify the FDPIC of these details.
What are the advantages of appointing us as your external DPO?
We
- have extensive experience in the function of global and Swiss data protection officer
- carry out our duties independently and without conflicts of interest
- provide specialist knowledge in data privacy and are up to date with the latest developments in data protection worldwide and in particular at Swiss and European level
- offer a flexible service package according to your specific needs
You
- ensure compliance with Swiss and European data protection laws
- have a competent and experienced partner who effectively supports you in your compliance efforts
- obtain expert knowledge and know-how without having to build up expertise in-house
- free up internal resources
The exercise of the role as DPO does not only require expert knowledge and independence on the part of the DPO, but also trust in the DPO and cooperation with the DPO on the part of the controller. We are happy to support you.
Please do not hesitate to contact us if you need further information or support in the decision whether you should or need to appoint a DPO under the Swiss FADP or under the EU GDPR.
Our Services
External in-house counsel
As your external in-house counsel, we are your contact person for any data protection related issues in your organization and provide customized services such as:
- Legal advice on day-to-day privacy issues
- Development and carrying out of awareness and training programs for employees
- Development and implementation of privacy management practices, policies, procedures, processes, templates, tools, etc.
External Data Protection Officer under the FADP
We are happy to assume the role of an external DPO for companies and federal bodies, also ad interim, based on the Swiss Federal Act on Data Protection. We carry out all statutory duties and, as needed and requested by the client, services that go beyond, such as:
- Support in the establishment and maintenance of the record of processing activities
- Development and implementation of data privacy management practices, policies, procedures, and processes
- Legal advice in day-to-day privacy-related matters
- Development and review of templates and tools
- Risk management
- Handling of personal data breaches, access requests, and complaints
- Developing and delivering awareness and training programs for employees
External Data Protection Officer under the GDPR
We also assume the role of external data protection officer in the EU under the GDPR. Please contact us for more information.